Cybersecurity landscape in India has changed significantly in the past decade. Previously, basic virus protection and security controls were sufficient to deter threats. However, in the present times advanced security analytics tools are deployed to prevent advanced persistent threats (APTs) and tackle malicious insiders. Attackers too have evolved with time.

Well-funded and technically adept attackers have the capability to bring an entire enterprise or sector to a halt – something that was unimaginable a decade or two ago.

In this evolving digitally interconnected landscape, India is witnessing an increase in targeted attacks including state sponsored attacks against Indian businesses and enterprises of all sizes in the last 5 years. As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), security incidents have increased from 44,679 in 2014 to 50,362 in 2016. In the first half of 2017 (till June) 27,482 cyber security incidents were already reported.

2016 has been a roller coaster ride in the Indian cyber security space. For instance, cyber breach news on debit cards, hack of recent social media accounts of known personalities and the security of personal data is in question. Post demonetization, while the use of online payment platforms have gone up so has the fraudulent misuse of payment networks including data theft.

The emergence of new services and applications, advanced technologies including cloud and IoT, is proving further impetus to the changing threat landscape in India. The National Association of Software and Services Companies (NASSCOM) reported that India aims to capture 20% of the market share in Internet of Things (IoT) by 2020 which is estimated to be worth USD 300 billion. Also, the big data sector is expected to reach a value of USD 16 billion by 2025, with India expected to be having a 32 percent share in the global market. This is driving companies to adopt more of analytical approach to predict, detect and effectively manage cybersecurity.

Governments across the globe are gearing up through policy enactments and necessary investments to fight the menace of rising cybercrimes. These policies and investments also assure citizens of their privacy rights in the cyber space.

Similarly India, with its economy pegged at INR 152.51 Lakh Crore (or USD 2.34 Billion) and 7.11 % GDP growth rate in 2016-2017 (expected GDP in 2017-18 fiscal being 7.2% and 7.7% in 2018–19) is rapidly integrating itself with Internet Economy, where transactions are predominantly carried out electronically. Digital payments have grown 55% by volume and 24.2% by value in 2016-2017.

Cashless transactions are likely to reach the estimated target of 25 billion digital transactions in 2017-2018. While the Internet offers new means for expanding economic and business avenues, it is, subject to ever increasing dangers of cybercrimes. Individuals need legal protection to protect their personal rights and secure their transaction in cyber space.

This requires setting up of an ecosystem that is capable of understanding new age complexities and offering swift response mechanisms. The ecosystem for cyber security and data protection necessitates and calls for a strong legal framework, proactive government initiatives, active involvement of and contribution by the industry and effective law enforcement.

To this effect, there are multiple initiatives embarked upon and key policies put in place by the Indian Government and Regulators in sectors such as Banking and Financial Services to meet the rising challenges of the Cyber Security.